Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0170 | 1 Ibm | 1 Security Siteprotector System | 2015-05-26 | 2.1 LOW | N/A |
| IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows local users to obtain sensitive information by reading cached data. | |||||
| CVE-2015-0161 | 1 Ibm | 1 Security Siteprotector System | 2015-05-26 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2015-0168 | 1 Ibm | 1 Security Siteprotector System | 2015-05-26 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-0140 | 1 Ibm | 1 Spss Statistics | 2015-05-26 | 6.8 MEDIUM | N/A |
| An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows remote attackers to execute arbitrary code via a crafted HTML document. | |||||
| CVE-2015-0160 | 1 Ibm | 1 Security Siteprotector System | 2015-05-26 | 9.0 HIGH | N/A |
| IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 allows remote authenticated users to execute arbitrary commands with SYSTEM privileges via unspecified vectors. | |||||
| CVE-2015-0120 | 1 Ibm | 1 Tivoli Storage Manager Fastback | 2015-05-26 | 7.5 HIGH | N/A |
| Buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 has unspecified impact and remote attack vectors. | |||||
| CVE-2015-0180 | 1 Ibm | 1 Infosphere Information Server | 2015-05-26 | 5.5 MEDIUM | N/A |
| The Connector Migration Tool in IBM InfoSphere Information Server 8.1 through 11.3 allows remote authenticated users to bypass intended restrictions on job creation and modification via unspecified vectors. | |||||
| CVE-2014-8125 | 1 Redhat | 2 Drools, Jbpm | 2015-05-26 | 7.5 HIGH | N/A |
| XML external entity (XXE) vulnerability in Drools and jBPM before 6.2.0 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted BPMN2 file. | |||||
| CVE-2014-8927 | 1 Ibm | 3 Endpoint Manager Family, License Metric Tool, Tivoli Asset Discovery For Distributed | 2015-05-26 | 5.0 MEDIUM | N/A |
| Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8926. | |||||
| CVE-2014-2174 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2015-05-26 | 8.3 HIGH | N/A |
| Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651. | |||||
| CVE-2014-6190 | 1 Ibm | 1 Workload Deployer | 2015-05-26 | 5.0 MEDIUM | N/A |
| The log viewer in IBM Workload Deployer 3.1 before 3.1.0.7 allows remote attackers to obtain sensitive information via a direct request for the URL of a log document. | |||||
| CVE-2014-8926 | 1 Ibm | 3 Endpoint Manager Family, License Metric Tool, Tivoli Asset Discovery For Distributed | 2015-05-26 | 5.0 MEDIUM | N/A |
| Common Inventory Technology (CIT) before 2.7.0.2050 in IBM License Metric Tool 7.2.2, 7.5, and 9; Endpoint Manger for Software Use Analysis 9; and Tivoli Asset Discovery for Distributed 7.2.2 and 7.5 allows remote attackers to cause a denial of service (CPU consumption or application crash) via a crafted XML query, a different vulnerability than CVE-2014-8927. | |||||
| CVE-2015-0713 | 1 Cisco | 10 Telepresence Advanced Media Gateway, Telepresence Ip Gateway, Telepresence Ip Vcr 1.0 Converter and 7 more | 2015-05-26 | 9.0 HIGH | N/A |
| The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cisco TelePresence IP Gateway Series Software, Cisco TelePresence IP VCR Series Software before 3.0(1.27), Cisco TelePresence ISDN Gateway Software before 2.2(1.94), Cisco TelePresence MCU Software before 4.4(3.54) and 4.5 before 4.5(1.45), Cisco TelePresence MSE Supervisor Software before 2.3(1.38), Cisco TelePresence Serial Gateway Series Software before 1.0(1.42), Cisco TelePresence Server Software for Hardware before 3.1(1.98), and Cisco TelePresence Server Software for Virtual Machine before 4.1(1.79) allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors, aka Bug IDs CSCul55968, CSCur08993, CSCur15803, CSCur15807, CSCur15825, CSCur15832, CSCur15842, CSCur15850, and CSCur15855. | |||||
| CVE-2015-0722 | 1 Cisco | 2 Telepresence Tc Software, Telepresence Te Software | 2015-05-26 | 7.8 HIGH | N/A |
| The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952. | |||||
| CVE-2015-0750 | 1 Cisco | 1 Hosted Collaboration Solution | 2015-05-26 | 6.5 MEDIUM | N/A |
| The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier allows remote authenticated users to execute arbitrary commands via crafted input to unspecified fields, aka Bug ID CSCut02786. | |||||
| CVE-2014-6192 | 1 Ibm | 1 Curam Social Program Management | 2015-05-26 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5 iFix10, 6.0.5 before 6.0.5.6, and 6.0.5.5a before 6.0.5.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2014-4774 | 1 Ibm | 2 Endpoint Manager Family, License Metric Tool | 2015-05-26 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the login page in IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 allows remote attackers to hijack the authentication of arbitrary users via vectors involving a FRAME element. | |||||
| CVE-2014-4778 | 1 Ibm | 2 Endpoint Manager Family, License Metric Tool | 2015-05-26 | 4.3 MEDIUM | N/A |
| IBM License Metric Tool 9 before 9.1.0.2 and Endpoint Manager for Software Use Analysis 9 before 9.1.0.2 do not send an X-Frame-Options HTTP header in response to requests for the login page, which allows remote attackers to conduct clickjacking attacks via vectors involving a FRAME element. | |||||
| CVE-2015-1899 | 1 Ibm | 1 Websphere Portal | 2015-05-26 | 7.8 HIGH | N/A |
| IBM WebSphere Portal 8.5 through CF05 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. | |||||
| CVE-2015-1909 | 1 Ibm | 1 Infosphere Master Data Management Server | 2015-05-26 | 5.0 MEDIUM | N/A |
| The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, 11.3, and 11.4 before FP2 allows remote attackers to read arbitrary files, and consequently obtain administrative access, via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||